United Airlines has become the first airline to start a bug bounty program. Instead of monetary rewards, it offers air miles: a million for remote code execution bugs, 250,000 miles for medium severity vulnerabilities (authentication bypasses, timing attacks, etc.), and 50,000 for cross-site scripting and cross-site request forgery flaws, as well as third-party issues that affect the company.
The cryptography used in the Open Smart Grid Protocol (OSGP), one of the most widely used smart meter and smart grid device networking standards, can be easily cracked, researchers have found.
Guess what? Unless your site is hosted by one of 11 specific web hosts, it's time to patch your WordPress installation again! Netsparker researchers have recently unearthed a vulnerability that affects one popular theme installed by default in all WordPress installations and that attackers can exploit to take control of vulnerable WP sites.
After the Superfish debacle earlier this year, Lenovo's security practices have once again been found lacking as researchers have discovered several vulnerabilities in the company's System Update software.
Sucuri Security researchers have discovered yet another malicious campaign redirecting users to sites hosting exploits.